VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by yourfragged at 2014-07-19 15:19:20
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 238 GB (50%) free of 477 GB
Total RAM: 2047 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:19:32, on 19.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.18487)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\yourfragged.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 304F50CB37
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - Unknown owner - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6812 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe" -r
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe" -hidden /prefetch:1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3260.0.401841937\963891756" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x05e2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.17.12.8562 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A4_Stable_R1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3260.2.533039153\15912006" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A4_Stable_R1/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3260.21.1954057033\115933754" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A4_Stable_R1/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3260.71.1136274217\427534699" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/NewSuggestType_A4_Stable_R1/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-1-Percent/group_63/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="3260.73.1297754373\1238933648" /prefetch:673131151
"C:\Users\yourfragged\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore1cec718c94750c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\RDReminder.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -rem

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-07-17 800448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-07-17 1499968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-07-17 550080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-07-17 996544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-07-17 655040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-07-17 1238336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-04 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-07-17 455360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-04 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-07-17 798912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-11-20 13662936]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avira Systray]
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programy\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-05-14 2774936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2014-05-14 3681688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.RTV1"=rtvcvfw64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-19 15:19:22 ----D---- C:\Program Files\trend micro
2014-07-19 15:19:20 ----D---- C:\rsit
2014-07-18 00:22:10 ----A---- C:\Windows\system32\_ HD PORNO _ Jewels Jade 02 ( brunetky anal mlib porno film brazzers teen best hardcore erotic porn oral nice ass young girls holky with old busty woman new akce sukani of girl milf xxx sex erot.lnk
2014-07-18 00:21:48 ----A---- C:\Windows\system32\_ HD PORNO _ Nikita von James ( blondynky psp porno film brazzers teen best hardcore erotic porn oral nice ass young girls holky with old busty woman new akce sukani of girl milf xxx sex erotika.lnk
2014-07-17 22:07:18 ----A---- C:\Windows\system32\klfphc.dll
2014-07-17 22:06:12 ----D---- C:\Windows\ELAMBKUP
2014-07-17 22:05:58 ----D---- C:\ProgramData\Kaspersky Lab
2014-07-17 22:05:58 ----D---- C:\Program Files (x86)\Kaspersky Lab
2014-07-17 22:05:38 ----A---- C:\Windows\system32\drivers\klif.sys
2014-07-17 22:05:38 ----A---- C:\Windows\system32\drivers\klflt.sys
2014-07-17 16:56:26 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-07-17 16:56:23 ----D---- C:\Users\yourfragged\AppData\Roaming\Spyware Terminator
2014-07-17 16:56:23 ----D---- C:\ProgramData\Spyware Terminator
2014-07-17 16:55:58 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-07-17 15:52:49 ----D---- C:\ProgramData\NVIDIA
2014-07-17 15:50:50 ----A---- C:\Windows\system32\easyupdatusapiu64.dll
2014-07-17 15:49:44 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-07-17 15:49:44 ----A---- C:\Windows\system32\OpenCL.dll
2014-07-17 15:49:43 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-07-17 15:49:43 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-07-17 15:49:43 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-07-17 15:49:43 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-07-17 15:49:43 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-07-17 15:49:43 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-07-17 15:49:43 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-07-17 15:49:43 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvoglv64.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvgenco64.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvdispco64.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvcuvid.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvcuda.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvcompiler.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\nvapi64.dll
2014-07-17 15:49:43 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-07-17 15:46:58 ----D---- C:\ProgramData\NVIDIA Corporation
2014-07-17 15:46:55 ----D---- C:\Program Files\NVIDIA Corporation
2014-07-17 15:41:22 ----A---- C:\Windows\system32\nvvsvc.exe
2014-07-17 15:41:22 ----A---- C:\Windows\system32\nvsvc64.dll
2014-07-17 15:41:22 ----A---- C:\Windows\system32\nvshext.dll
2014-07-17 15:41:22 ----A---- C:\Windows\system32\nvmctray.dll
2014-07-17 15:41:22 ----A---- C:\Windows\system32\nvcpl.dll
2014-07-17 15:16:19 ----D---- C:\Windows\DEA314C409294250BC9298E4C105F28D.TMP
2014-07-17 15:09:36 ----A---- C:\Windows\system32\dpinst.exe
2014-07-17 15:09:32 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2014-07-17 15:09:24 ----D---- C:\NVIDIA
2014-07-17 13:10:55 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2014-07-17 13:00:36 ----D---- C:\Program Files (x86)\Avira
2014-07-17 12:32:55 ----D---- C:\Users\yourfragged\AppData\Roaming\AdobeChk
2014-07-16 23:45:34 ----A---- C:\Windows\ntbtlog.txt
2014-07-16 21:03:49 ----D---- C:\Windows\B9DB4C7601A446D58910F7AA6376DBAF.TMP
2014-07-16 20:57:14 ----A---- C:\Windows\system32\nvgenco642040.dll
2014-07-16 20:57:14 ----A---- C:\Windows\system32\nvdispco642090.dll
2014-07-16 19:35:29 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-16 19:35:29 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-16 19:35:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-16 19:35:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-16 19:35:29 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-16 19:35:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-16 19:35:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-16 19:35:29 ----A---- C:\Windows\system32\wdigest.dll
2014-07-16 19:35:29 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-16 19:35:29 ----A---- C:\Windows\system32\schannel.dll
2014-07-16 19:35:29 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-16 19:35:29 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-16 19:35:29 ----A---- C:\Windows\system32\kerberos.dll
2014-07-16 19:35:29 ----A---- C:\Windows\system32\credssp.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\url.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-16 19:33:12 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\wininet.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\urlmon.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\url.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\mshtml.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\mshta.exe
2014-07-16 19:33:12 ----A---- C:\Windows\system32\msfeedssync.exe
2014-07-16 19:33:12 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-16 19:33:12 ----A---- C:\Windows\system32\ieui.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\iertutil.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\ieframe.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-16 19:33:12 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-16 19:31:54 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-16 19:31:54 ----A---- C:\Windows\system32\win32k.sys
2014-07-16 19:31:54 ----A---- C:\Windows\system32\osk.exe
2014-07-16 19:31:06 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-16 19:31:06 ----A---- C:\Windows\system32\qedit.dll
2014-07-16 19:29:55 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-16 19:29:18 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-16 19:29:18 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-16 19:29:18 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-16 19:28:29 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-07-16 19:28:29 ----A---- C:\Windows\system32\rdpcorets.dll
2014-07-16 19:27:49 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-07-16 19:27:49 ----A---- C:\Windows\system32\usp10.dll
2014-07-16 19:26:39 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-07-16 19:26:39 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-07-16 19:26:39 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-07-16 19:26:39 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-07-16 19:26:39 ----A---- C:\Windows\system32\msxml6r.dll
2014-07-16 19:26:39 ----A---- C:\Windows\system32\msxml6.dll
2014-07-16 19:26:39 ----A---- C:\Windows\system32\msxml3r.dll
2014-07-16 19:26:39 ----A---- C:\Windows\system32\msxml3.dll
2014-07-16 19:25:59 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-07-16 19:25:59 ----A---- C:\Windows\system32\drivers\netio.sys
2014-07-16 19:25:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-07-16 19:24:15 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-07-16 19:24:14 ----A---- C:\Windows\system32\shell32.dll
2014-07-16 19:22:39 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-07-16 19:22:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-07-16 19:22:39 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-07-16 19:22:39 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\winlogon.exe
2014-07-16 19:22:39 ----A---- C:\Windows\system32\wincredprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\sspisrv.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\sspicli.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\secur32.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\objsel.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-07-16 19:22:39 ----A---- C:\Windows\system32\lsass.exe
2014-07-16 19:22:39 ----A---- C:\Windows\system32\KernelBase.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-07-16 19:22:39 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-07-16 19:22:39 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\dimsroam.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\cngprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\capiprovider.dll
2014-07-16 19:22:39 ----A---- C:\Windows\system32\adprovider.dll
2014-07-16 19:22:38 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-07-16 19:22:38 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-07-16 19:21:34 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-07-16 19:21:13 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-07-16 19:21:13 ----A---- C:\Windows\system32\iologmsg.dll
2014-07-16 19:21:13 ----A---- C:\Windows\system32\drivers\storport.sys
2014-07-16 19:21:13 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-07-16 19:21:13 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-07-16 19:20:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-07-16 19:20:50 ----A---- C:\Windows\SYSWOW64\user.exe
2014-07-16 19:20:50 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-07-16 19:20:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-07-16 19:20:50 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-07-16 19:20:50 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-07-16 19:20:50 ----A---- C:\Windows\system32\wow64win.dll
2014-07-16 19:20:50 ----A---- C:\Windows\system32\wow64cpu.dll
2014-07-16 19:20:50 ----A---- C:\Windows\system32\wow64.dll
2014-07-16 19:20:50 ----A---- C:\Windows\system32\ntvdm64.dll
2014-07-16 19:20:50 ----A---- C:\Windows\system32\kernel32.dll
2014-07-16 19:20:32 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-07-16 19:20:32 ----A---- C:\Windows\system32\wer.dll
2014-07-16 19:20:19 ----A---- C:\Windows\system32\wwansvc.dll
2014-07-16 19:17:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-16 19:17:14 ----A---- C:\Windows\system32\vbscript.dll
2014-07-16 19:15:26 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-07-16 19:15:26 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-07-16 19:15:26 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-07-16 19:15:26 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-07-16 19:15:26 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-07-16 19:15:26 ----A---- C:\Windows\system32\msdrm.dll
2014-07-16 19:15:25 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-07-16 19:15:25 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-07-16 19:15:25 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-07-16 19:15:25 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-07-16 19:15:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-07-16 19:15:25 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-07-16 19:15:25 ----A---- C:\Windows\system32\secproc_isv.dll
2014-07-16 19:15:25 ----A---- C:\Windows\system32\secproc.dll
2014-07-16 19:15:25 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-07-16 19:15:25 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-07-16 19:15:25 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-07-16 19:15:25 ----A---- C:\Windows\system32\RMActivate.exe
2014-07-16 19:14:54 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-07-16 19:14:54 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-07-16 19:14:54 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-07-16 19:14:54 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-07-16 19:14:54 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-07-16 19:14:54 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-07-16 19:14:54 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-07-16 19:14:41 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-07-16 19:14:41 ----A---- C:\Windows\system32\msieftp.dll
2014-07-16 19:14:27 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-07-16 19:14:27 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-07-16 19:14:27 ----A---- C:\Windows\system32\wmploc.DLL
2014-07-16 19:14:27 ----A---- C:\Windows\system32\wmp.dll
2014-07-16 19:14:07 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-07-16 19:14:07 ----A---- C:\Windows\system32\tzres.dll
2014-07-16 19:13:49 ----A---- C:\Windows\SYSWOW64\wscript.exe
2014-07-16 19:13:49 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-07-16 19:13:49 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-07-16 19:13:49 ----A---- C:\Windows\system32\wscript.exe
2014-07-16 19:13:49 ----A---- C:\Windows\system32\scrrun.dll
2014-07-16 19:13:49 ----A---- C:\Windows\system32\cscript.exe
2014-07-16 19:13:40 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-07-16 19:13:40 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-07-16 19:13:32 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-07-16 19:13:32 ----A---- C:\Windows\system32\imagehlp.dll
2014-07-16 19:13:23 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-07-16 19:13:23 ----A---- C:\Windows\explorer.exe
2014-07-16 19:13:11 ----A---- C:\Windows\system32\spoolsv.exe
2014-07-16 19:13:11 ----A---- C:\Windows\splwow64.exe
2014-07-16 19:12:45 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2014-07-16 19:12:45 ----A---- C:\Windows\SYSWOW64\esent.dll
2014-07-16 19:12:45 ----A---- C:\Windows\system32\fsutil.exe
2014-07-16 19:12:45 ----A---- C:\Windows\system32\esent.dll
2014-07-16 19:12:45 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-07-16 19:12:45 ----A---- C:\Windows\system32\drivers\nvstor.sys
2014-07-16 19:12:45 ----A---- C:\Windows\system32\drivers\nvraid.sys
2014-07-16 19:12:45 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2014-07-16 19:12:45 ----A---- C:\Windows\system32\drivers\amdxata.sys
2014-07-16 19:12:45 ----A---- C:\Windows\system32\drivers\amdsata.sys
2014-07-16 19:06:52 ----D---- C:\Users\yourfragged\AppData\Roaming\ProductData
2014-07-16 11:52:58 ----D---- C:\ProgramData\Riot Games
2014-07-16 00:35:57 ----A---- C:\Windows\system32\nvspbridge64.dll
2014-07-16 00:35:56 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2014-07-16 00:35:25 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-07-16 00:26:53 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-07-16 00:26:53 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-07-16 00:26:53 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-07-16 00:26:49 ----A---- C:\Windows\system32\nvdispgenco6434043.dll
2014-07-16 00:26:49 ----A---- C:\Windows\system32\nvdispco6434043.dll
2014-07-16 00:26:48 ----A---- C:\Windows\system32\nvopencl.dll
2014-07-16 00:26:48 ----A---- C:\Windows\system32\NvFBC64.dll
2014-07-16 00:26:47 ----A---- C:\Windows\SYSWOW64\SET1DF4.tmp
2014-07-16 00:26:47 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-07-16 00:26:47 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-07-16 00:26:47 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-07-16 00:26:47 ----A---- C:\Windows\system32\NvIFR64.dll
2014-07-15 22:22:46 ----A---- C:\Windows\system32\drivers\atksgt.sys
2014-07-15 22:22:45 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2014-06-25 00:47:09 ----A---- C:\Windows\_ HD PORNO _ Jewels Jade 02 ( brunetky anal mlib porno film brazzers teen best hardcore erotic porn oral nice ass young girls holky with old busty woman new akce sukani of girl milf xxx sex erot.lnk
2014-06-25 00:46:10 ----A---- C:\Windows\_ HD PORNO _ Nikita von James ( blondynky psp porno film brazzers teen best hardcore erotic porn oral nice ass young girls holky with old busty woman new akce sukani of girl milf xxx sex erotika.lnk

======List of files/folders modified in the last 1 month======

2014-07-19 15:19:32 ----D---- C:\Windows\Prefetch
2014-07-19 15:19:27 ----D---- C:\Windows\Temp
2014-07-19 15:19:22 ----RD---- C:\Program Files
2014-07-19 12:08:43 ----SHD---- C:\System Volume Information
2014-07-18 00:22:10 ----D---- C:\Windows\System32
2014-07-18 00:16:43 ----D---- C:\Windows\Tasks
2014-07-17 22:36:14 ----SHD---- C:\Windows\Installer
2014-07-17 22:35:36 ----D---- C:\Windows\system32\drivers
2014-07-17 22:07:19 ----D---- C:\Windows\system32\catroot
2014-07-17 22:07:11 ----D---- C:\Windows\inf
2014-07-17 22:07:05 ----D---- C:\Windows\system32\DriverStore
2014-07-17 22:06:12 ----D---- C:\Windows
2014-07-17 22:05:58 ----RD---- C:\Program Files (x86)
2014-07-17 22:05:58 ----HD---- C:\ProgramData
2014-07-17 22:04:29 ----D---- C:\ProgramData\Package Cache
2014-07-17 22:04:25 ----D---- C:\Windows\SysWOW64
2014-07-17 21:52:40 ----D---- C:\ProgramData\Razer
2014-07-17 21:52:40 ----D---- C:\Program Files (x86)\Razer
2014-07-17 21:51:37 ----D---- C:\Program Files (x86)\IObit
2014-07-17 21:22:12 ----D---- C:\ProgramData\ccoonntoinuUEtossavea
2014-07-17 19:11:48 ----D---- C:\Windows\system32\config
2014-07-17 15:41:21 ----D---- C:\Windows\Help
2014-07-17 15:15:51 ----D---- C:\Windows\system32\catroot2
2014-07-17 14:48:59 ----D---- C:\Windows\system32\wfp
2014-07-17 14:48:57 ----D---- C:\Windows\system32\wbem
2014-07-17 14:47:59 ----D---- C:\Windows\system32\NDF
2014-07-17 14:47:58 ----D---- C:\Windows\system32\CodeIntegrity
2014-07-17 14:47:58 ----D---- C:\Windows\security
2014-07-17 14:47:58 ----D---- C:\Progamy
2014-07-17 14:47:54 ----D---- C:\Windows\registration
2014-07-17 14:47:04 ----RD---- C:\Users
2014-07-16 23:05:32 ----D---- C:\Windows\Microsoft.NET
2014-07-16 23:05:02 ----RSD---- C:\Windows\assembly
2014-07-16 22:14:42 ----D---- C:\Game
2014-07-16 22:03:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-16 21:49:49 ----D---- C:\Windows\winsxs
2014-07-16 21:35:59 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-16 21:35:59 ----D---- C:\Windows\system32\Dism
2014-07-16 21:35:59 ----D---- C:\Windows\system32\cs-CZ
2014-07-16 21:35:58 ----D---- C:\Windows\SYSWOW64\migration
2014-07-16 21:35:58 ----D---- C:\Windows\system32\migration
2014-07-16 21:35:58 ----D---- C:\Program Files\Internet Explorer
2014-07-16 21:35:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-16 21:35:57 ----D---- C:\Windows\ehome
2014-07-16 21:35:57 ----D---- C:\Program Files\Windows Journal
2014-07-16 21:35:53 ----D---- C:\Windows\PolicyDefinitions
2014-07-16 21:35:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-07-16 21:35:51 ----D---- C:\Windows\AppPatch
2014-07-16 21:35:49 ----D---- C:\Program Files\Windows Media Player
2014-07-16 21:35:49 ----D---- C:\Program Files (x86)\Windows Media Player
2014-07-16 19:16:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-07-16 19:11:25 ----D---- C:\Windows\Logs
2014-07-16 19:11:24 ----D---- C:\Users\yourfragged\AppData\Roaming\DAEMON Tools Lite
2014-07-16 19:07:31 ----D---- C:\Users\yourfragged\AppData\Roaming\uTorrent
2014-07-16 19:02:07 ----D---- C:\Programy
2014-07-16 19:00:13 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-15 22:01:18 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-07-17 458336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-07 283200]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2014-07-17 625248]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-20 29792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 55904]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-07-17 178272]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2014-07-15 43168]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-07-17 51496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-30 3760344]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-07-17 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-20 29280]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-20 883928]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2014-07-15 310728]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Progamy\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Razerlow;Razer Pro|Solutions; C:\Windows\system32\drivers\Razerlow.sys [2013-11-20 11136]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-19 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2013-11-19 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-11-19 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-11-19 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2014-07-17 115296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [2013-10-20 214512]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-05-14 1146304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe []
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-07 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-07 116648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

OTL logfile created on: 19.7.2014 17:22:38 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\yourfragged\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,51 Gb Available Physical Memory | 25,34% Memory free
4,00 Gb Paging File | 1,83 Gb Available in Paging File | 45,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 231,64 Gb Free Space | 49,74% Space Free | Partition Type: NTFS

Computer Name: HERATIX | User Name: yourfragged | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.07.19 17:18:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\yourfragged\Downloads\OTL.exe
PRC - [2014.07.19 12:21:57 | 000,818,320 | ---- | M] () -- C:\Users\yourfragged\AppData\Local\Temp\RarSFX0\7154617.exe
PRC - [2014.07.19 12:19:21 | 000,455,760 | ---- | M] (Kaspersky Lab) -- C:\Users\yourfragged\AppData\Local\Temp\6466821\7154617.exe
PRC - [2014.07.19 11:19:28 | 145,284,936 | ---- | M] () -- C:\Users\yourfragged\Downloads\setup_11.0.3.7.x01_2014_07_19_11_57.exe
PRC - [2014.07.17 22:30:04 | 001,004,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
PRC - [2014.06.05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.10.20 07:04:24 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe

========== Modules (No Company Name) ==========

MOD - [2014.07.19 12:21:57 | 000,818,320 | ---- | M] () -- C:\Users\yourfragged\AppData\Local\Temp\RarSFX0\7154617.exe
MOD - [2014.07.19 11:19:28 | 145,284,936 | ---- | M] () -- C:\Users\yourfragged\Downloads\setup_11.0.3.7.x01_2014_07_19_11_57.exe
MOD - [2014.07.16 19:30:06 | 000,288,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatiod51afaa5#\b42b295429ad340f4cebedfb088d535b\PresentationFramework.classic.ni.dll
MOD - [2014.07.16 19:30:04 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\eeb06f09c438a67426bdcaca022b0bff\PresentationFramework-SystemXml.ni.dll
MOD - [2014.07.16 19:29:43 | 000,257,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\3bbe94483ebc5535ba031c37095177ef\WindowsFormsIntegration.ni.dll
MOD - [2014.07.16 19:29:04 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e61c002b87e6a11678c2104f82d1628b\System.ServiceModel.ni.dll
MOD - [2014.07.16 19:27:48 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.P4d3ce419#\e9ab7b0b33113ebd3bdbb8b815cb74e4\Microsoft.Practices.ServiceLocation.ni.dll
MOD - [2014.07.16 19:27:46 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.P0071ad0b#\6b23d36e459761b2f7e5b102cb0a0227\Microsoft.Practices.Prism.Interactivity.ni.dll
MOD - [2014.07.16 19:27:37 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\631e501e8611f2ddb0ecf8cfe6f85a4f\UIAutomationTypes.ni.dll
MOD - [2014.07.16 19:27:34 | 000,123,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windc7c43db6#\5bba16d90fbb2f39c6fd4b4b29f4d366\System.Windows.Interactivity.ni.dll
MOD - [2014.07.16 19:20:08 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\63b566ebd7592ab4aac14614b05b32e0\System.Xml.ni.dll
MOD - [2014.07.16 19:20:03 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cd1bbf37c5adc7bb67eabaae20649e54\System.Windows.Forms.ni.dll
MOD - [2014.07.16 19:20:02 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d1797a38e945a46f85cdaf2080afb5c6\System.Xaml.ni.dll
MOD - [2014.07.16 19:20:00 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\37731438b71b6798d934dad47ef56596\PresentationFramework.ni.dll
MOD - [2014.07.16 19:19:50 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a095ded1f7d3feaee17336cd7e39e2f8\System.Drawing.ni.dll
MOD - [2014.07.16 19:19:45 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1a9328ba3d852ca94185f435a05affe2\PresentationCore.ni.dll
MOD - [2014.07.16 19:19:42 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\b421d19f01911e8f74876ded9d5a85c0\System.Configuration.ni.dll
MOD - [2014.07.16 19:19:38 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e29c126f91fa5e968c7792adaf3c62ff\System.Core.ni.dll
MOD - [2014.07.16 19:19:35 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\3a685d1b549ea40565f41bc3d054cd06\WindowsBase.ni.dll
MOD - [2014.07.16 19:19:32 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\fd8c46f1f500496403ec7538ab3077b6\System.ni.dll
MOD - [2014.07.16 19:19:25 | 016,546,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e56a581b7e96d7cde5a258d43041c942\mscorlib.ni.dll
MOD - [2014.06.05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014.06.05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014.06.05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014.06.05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014.06.05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2013.06.17 12:35:10 | 000,478,400 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.11.19 22:38:07 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014.05.14 02:03:08 | 001,146,304 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2014.05.04 16:37:30 | 002,152,736 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013.10.20 07:04:24 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe -- (AVP)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.07.19 11:56:31 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\79605865.sys -- (79605865)
DRV:64bit: - [2014.07.17 22:35:12 | 000,625,248 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2014.07.17 22:35:12 | 000,178,272 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2014.07.17 22:35:12 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2014.07.17 22:35:11 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2014.07.17 22:35:11 | 000,115,296 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:64bit: - [2014.07.17 16:56:26 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2014.07.16 19:12:45 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2014.07.16 19:12:45 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2014.07.15 22:33:01 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2014.07.15 22:22:45 | 000,043,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2014.03.31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.11.20 01:03:01 | 000,883,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013.11.20 00:59:01 | 000,011,136 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Razerlow.sys -- (Razerlow)
DRV:64bit: - [2013.11.19 22:55:48 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.11.19 22:55:47 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.11.19 22:55:45 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.11.19 22:55:44 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.11.19 21:36:37 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.10.20 07:04:20 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2013.10.20 07:04:20 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013.05.22 19:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013.05.14 17:34:44 | 000,055,904 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013.04.12 15:34:48 | 000,015,456 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:64bit: - [2013.04.07 23:53:13 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 304F50CB37
IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchT ... 304F50CB37
IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Progamy\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014.07.17 22:35:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014.07.17 22:35:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014.07.17 22:35:25 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Yahoo (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?outpu ... earchTerms},
CHR - homepage: http://www.search.ask.com/?p2=%5EB3Q%5E ... 07-07&psv=
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Dokumenty Google = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledĂˇvĂˇnĂ Google = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL poradce = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0\
CHR - Extension: ccoonntoinuUEtossavea = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcldkjfhobpjbchknnmcemiemdjkjopn\1\
CHR - Extension: AdBlock = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_0\
CHR - Extension: BlokovĂˇnĂ nebezpeÄŤnĂ˝ch webĹŻ = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0\
CHR - Extension: Domain Error Assistant = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\
CHR - Extension: Virtual Keyboard = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4917_0\
CHR - Extension: Slick Savings = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\
CHR - Extension: PenÄ›Ĺľenka Google = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: Gmail = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\yourfragged\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_79605865.lnk = C:\Users\yourfragged\AppData\Local\Temp\_uninst_79605865.bat ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56331C7B-7427-4EAF-860A-A4BCACDF4221}: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.RTV1 - rtvcvfw64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.07.19 15:33:24 | 000,458,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\79605865.sys
[2014.07.19 15:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.07.19 15:19:20 | 000,000,000 | ---D | C] -- C:\rsit
[2014.07.17 22:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
[2014.07.17 22:07:18 | 000,110,176 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\klfphc.dll
[2014.07.17 22:06:12 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2014.07.17 22:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014.07.17 22:05:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2014.07.17 22:05:38 | 000,625,248 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014.07.17 22:05:38 | 000,115,296 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014.07.17 16:56:26 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2014.07.17 16:56:23 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Roaming\Spyware Terminator
[2014.07.17 16:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2014.07.17 16:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2014.07.17 16:55:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2014.07.17 15:52:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014.07.17 15:50:50 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2014.07.17 15:49:44 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014.07.17 15:49:44 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014.07.17 15:49:43 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.07.17 15:49:43 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.07.17 15:49:43 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.07.17 15:49:43 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.07.17 15:49:43 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.07.17 15:49:43 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.07.17 15:49:43 | 008,791,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.07.17 15:49:43 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.07.17 15:49:43 | 007,041,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.07.17 15:49:43 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.07.17 15:49:43 | 002,808,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.07.17 15:49:43 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.07.17 15:49:43 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.07.17 15:49:43 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.07.17 15:49:43 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.07.17 15:49:43 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.07.17 15:49:43 | 001,533,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2014.07.17 15:49:43 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2014.07.17 15:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014.07.17 15:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014.07.17 15:41:22 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014.07.17 15:41:22 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014.07.17 15:41:22 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014.07.17 15:41:22 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014.07.17 15:09:36 | 000,930,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe
[2014.07.17 15:09:32 | 000,316,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2014.07.17 15:09:24 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014.07.17 13:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2014.07.17 13:00:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2014.07.17 12:32:55 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Roaming\AdobeChk
[2014.07.16 20:57:14 | 001,614,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco642090.dll
[2014.07.16 20:57:14 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642040.dll
[2014.07.16 19:35:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014.07.16 19:33:12 | 001,538,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.07.16 19:33:12 | 001,466,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.07.16 19:33:12 | 000,735,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.07.16 19:33:12 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.07.16 19:33:12 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.07.16 19:33:12 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.07.16 19:33:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.07.16 19:33:12 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.07.16 19:33:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.07.16 19:33:12 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014.07.16 19:33:12 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014.07.16 19:33:12 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.07.16 19:33:12 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.07.16 19:33:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014.07.16 19:33:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014.07.16 19:33:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014.07.16 19:31:54 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014.07.16 19:31:54 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014.07.16 19:31:06 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014.07.16 19:31:06 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014.07.16 19:29:18 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.07.16 19:28:29 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014.07.16 19:28:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014.07.16 19:27:49 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.07.16 19:25:59 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014.07.16 19:25:59 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014.07.16 19:22:39 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014.07.16 19:22:39 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014.07.16 19:22:39 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014.07.16 19:22:39 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014.07.16 19:22:39 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014.07.16 19:22:39 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014.07.16 19:22:39 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014.07.16 19:22:39 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014.07.16 19:22:39 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014.07.16 19:22:39 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014.07.16 19:22:39 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014.07.16 19:22:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014.07.16 19:22:39 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014.07.16 19:22:39 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014.07.16 19:22:39 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014.07.16 19:22:39 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014.07.16 19:22:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014.07.16 19:22:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014.07.16 19:22:39 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014.07.16 19:22:39 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014.07.16 19:22:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014.07.16 19:22:38 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014.07.16 19:21:13 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014.07.16 19:21:13 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014.07.16 19:21:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014.07.16 19:21:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014.07.16 19:20:50 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014.07.16 19:20:50 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014.07.16 19:20:50 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014.07.16 19:20:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014.07.16 19:20:50 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014.07.16 19:20:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014.07.16 19:20:50 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014.07.16 19:20:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014.07.16 19:20:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014.07.16 19:20:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014.07.16 19:20:32 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014.07.16 19:20:32 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014.07.16 19:17:14 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.07.16 19:15:26 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.07.16 19:15:26 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.07.16 19:15:26 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.07.16 19:15:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.07.16 19:15:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.07.16 19:15:25 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.07.16 19:15:25 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.07.16 19:15:25 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.07.16 19:15:25 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.07.16 19:15:25 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.07.16 19:15:25 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.07.16 19:15:25 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.07.16 19:15:25 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.07.16 19:15:25 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.07.16 19:15:25 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.07.16 19:15:25 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.07.16 19:15:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.07.16 19:14:54 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014.07.16 19:14:54 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014.07.16 19:14:41 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014.07.16 19:14:41 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014.07.16 19:14:27 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014.07.16 19:14:27 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014.07.16 19:14:27 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014.07.16 19:14:27 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014.07.16 19:13:49 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014.07.16 19:13:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014.07.16 19:13:49 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014.07.16 19:13:49 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014.07.16 19:13:49 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014.07.16 19:13:49 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014.07.16 19:13:40 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014.07.16 19:13:40 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014.07.16 19:13:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014.07.16 19:13:23 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014.07.16 19:13:23 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014.07.16 19:13:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014.07.16 19:12:45 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014.07.16 19:12:45 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014.07.16 19:12:45 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014.07.16 19:12:45 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014.07.16 19:12:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014.07.16 19:12:45 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014.07.16 19:06:52 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Roaming\ProductData
[2014.07.16 18:59:09 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2014.07.16 11:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games
[2014.07.16 00:35:57 | 001,715,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014.07.16 00:35:56 | 001,291,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014.07.16 00:35:49 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Local\NVIDIA
[2014.07.16 00:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014.07.16 00:26:53 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.07.16 00:26:53 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014.07.16 00:26:53 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.07.16 00:26:49 | 001,890,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434043.dll
[2014.07.16 00:26:49 | 001,542,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434043.dll
[2014.07.16 00:26:48 | 013,911,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.07.16 00:26:48 | 000,902,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.07.16 00:26:47 | 011,272,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.07.16 00:26:47 | 000,946,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.07.16 00:26:47 | 000,909,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.07.16 00:26:47 | 000,869,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.07.15 22:34:15 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\Documents\The Witcher
[2014.07.15 22:34:15 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Local\The Witcher
[2014.07.15 21:59:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher
[2014.07.15 21:20:46 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\Documents\Witcher 2
[2014.07.15 21:20:46 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Local\The Witcher 2
[2014.07.15 21:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.07.19 17:26:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.07.19 15:34:53 | 000,001,011 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_79605865.lnk
[2014.07.19 12:36:14 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.19 12:36:14 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.19 11:56:31 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\79605865.sys
[2014.07.19 10:59:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.07.19 10:59:07 | 1610,059,776 | -HS- | M] () -- C:\hiberfil.sys
[2014.07.18 00:28:14 | 002,053,971 | ---- | M] () -- C:\Users\yourfragged\Desktop\kaspersky.png
[2014.07.18 00:22:10 | 000,001,150 | ---- | M] () -- C:\Windows\SysNative\_ HD PORNO _ Jewels Jade 02 ( brunetky anal mlib porno film brazzers teen best hardcore erotic porn oral nice ass young girls holky with old busty woman new akce sukani of girl milf xxx sex erot.lnk
[2014.07.18 00:21:48 | 000,001,141 | ---- | M] () -- C:\Windows\SysNative\_ HD PORNO _ Nikita von James ( blondynky psp porno film brazzers teen best hardcore erotic porn oral nice ass young girls holky with old busty woman new akce sukani of girl milf xxx sex erotika.lnk
[2014.07.17 22:35:12 | 000,625,248 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014.07.17 22:35:12 | 000,178,272 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys
[2014.07.17 22:35:12 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klkbdflt.sys
[2014.07.17 22:35:11 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2014.07.17 22:35:11 | 000,115,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014.07.17 22:07:20 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
[2014.07.17 21:33:18 | 002,224,679 | ---- | M] () -- C:\Users\yourfragged\Desktop\seznam viru.png
[2014.07.17 21:31:45 | 002,217,336 | ---- | M] () -- C:\Users\yourfragged\Desktop\Bez názvu.png
[2014.07.17 16:56:26 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2014.07.17 16:56:08 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2014.07.16 22:03:18 | 001,583,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.07.16 22:03:18 | 000,668,542 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.07.16 22:03:18 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.07.16 22:03:18 | 000,141,202 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.07.16 22:03:18 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.07.16 21:48:57 | 000,276,128 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.07.16 21:47:10 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2014.07.16 19:35:29 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014.07.16 19:33:12 | 001,538,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.07.16 19:33:12 | 001,466,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.07.16 19:33:12 | 000,735,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.07.16 19:33:12 | 000,497,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.07.16 19:33:12 | 000,316,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.07.16 19:33:12 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.07.16 19:33:12 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.07.16 19:33:12 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.07.16 19:33:12 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.07.16 19:33:12 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014.07.16 19:33:12 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014.07.16 19:33:12 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.07.16 19:33:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.07.16 19:33:12 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014.07.16 19:33:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014.07.16 19:33:12 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014.07.16 19:31:54 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014.07.16 19:31:54 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014.07.16 19:31:06 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014.07.16 19:31:06 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014.07.16 19:29:18 | 001,460,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.07.16 19:28:29 | 003,178,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014.07.16 19:28:29 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014.07.16 19:27:49 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.07.16 19:25:59 | 000,376,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014.07.16 19:25:59 | 000,288,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014.07.16 19:22:39 | 005,550,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014.07.16 19:22:39 | 003,969,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014.07.16 19:22:39 | 003,914,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014.07.16 19:22:39 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014.07.16 19:22:39 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014.07.16 19:22:39 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014.07.16 19:22:39 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014.07.16 19:22:39 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014.07.16 19:22:39 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014.07.16 19:22:39 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014.07.16 19:22:39 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014.07.16 19:22:39 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014.07.16 19:22:39 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014.07.16 19:22:39 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014.07.16 19:22:39 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014.07.16 19:22:39 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014.07.16 19:22:39 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014.07.16 19:22:39 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014.07.16 19:22:39 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014.07.16 19:22:39 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014.07.16 19:22:39 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014.07.16 19:22:38 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014.07.16 19:21:13 | 000,190,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014.07.16 19:21:13 | 000,027,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014.07.16 19:21:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014.07.16 19:21:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014.07.16 19:20:50 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014.07.16 19:20:50 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014.07.16 19:20:50 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014.07.16 19:20:50 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014.07.16 19:20:50 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014.07.16 19:20:50 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014.07.16 19:20:50 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014.07.16 19:20:50 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014.07.16 19:20:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014.07.16 19:20:50 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014.07.16 19:20:32 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014.07.16 19:20:32 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014.07.16 19:17:14 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.07.16 19:16:45 | 001,557,940 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.07.16 19:15:26 | 000,572,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014.07.16 19:15:26 | 000,553,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014.07.16 19:15:26 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014.07.16 19:15:26 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014.07.16 19:15:26 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014.07.16 19:15:26 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014.07.16 19:15:25 | 000,658,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014.07.16 19:15:25 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014.07.16 19:15:25 | 000,594,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014.07.16 19:15:25 | 000,552,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014.07.16 19:15:25 | 000,508,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014.07.16 19:15:25 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014.07.16 19:15:25 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014.07.16 19:15:25 | 000,423,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014.07.16 19:15:25 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014.07.16 19:15:25 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014.07.16 19:15:25 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014.07.16 19:14:54 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014.07.16 19:14:54 | 000,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014.07.16 19:14:41 | 000,335,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014.07.16 19:14:41 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014.07.16 19:14:27 | 014,631,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014.07.16 19:14:27 | 012,625,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014.07.16 19:14:27 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014.07.16 19:14:27 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014.07.16 19:13:49 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014.07.16 19:13:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014.07.16 19:13:49 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014.07.16 19:13:49 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014.07.16 19:13:49 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014.07.16 19:13:49 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014.07.16 19:13:40 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014.07.16 19:13:40 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014.07.16 19:13:32 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014.07.16 19:13:23 | 002,871,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014.07.16 19:13:23 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014.07.16 19:13:11 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014.07.16 19:12:45 | 002,565,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014.07.16 19:12:45 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014.07.16 19:12:45 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014.07.16 19:12:45 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014.07.16 19:12:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014.07.16 19:12:45 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014.07.15 22:33:01 | 000,310,728 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2014.07.15 22:32:37 | 000,000,492 | ---- | M] () -- C:\Users\yourfragged\Desktop\Zaklínač.lnk
[2014.07.15 22:22:45 | 000,043,168 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2014.07.15 21:18:21 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings.lnk
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.07.19 17:26:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.07.19 15:34:53 | 000,001,011 | ---- | C] () -- C:\Users\yourfragged\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_79605865.lnk
[2014.07.18 00:28:13 | 002,053,971 | ---- | C] () -- C:\Users\yourfragged\Desktop\kaspersky.png
[2014.07.18 00:22:10 | 000,001,150 | ---- | C] () -- C:\Windows\SysNative\_ HD PORNO _ Jewels Jade 02 ( brunetky anal mlib porno film brazzers teen best hardcore erotic porn oral nice ass young girls holky with old busty woman new akce sukani of girl milf xxx sex erot.lnk
[2014.07.18 00:21:48 | 000,001,141 | ---- | C] () -- C:\Windows\SysNative\_ HD PORNO _ Nikita von James ( blondynky psp porno film brazzers teen best hardcore erotic porn oral nice ass young girls holky with old busty woman new akce sukani of girl milf xxx sex erotika.lnk
[2014.07.17 22:07:51 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
[2014.07.17 21:33:18 | 002,224,679 | ---- | C] () -- C:\Users\yourfragged\Desktop\seznam viru.png
[2014.07.17 21:31:45 | 002,217,336 | ---- | C] () -- C:\Users\yourfragged\Desktop\Bez názvu.png
[2014.07.17 16:56:08 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2014.07.17 15:41:22 | 003,802,247 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014.07.17 15:09:36 | 000,007,384 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014.07.16 21:47:10 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2014.07.15 22:32:37 | 000,000,492 | ---- | C] () -- C:\Users\yourfragged\Desktop\Zaklínač.lnk
[2014.07.15 22:22:46 | 000,310,728 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2014.07.15 22:22:45 | 000,043,168 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2014.07.15 21:18:21 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings.lnk
[2014.03.11 16:45:45 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013.11.20 01:01:56 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013.11.19 07:20:55 | 000,002,813 | ---- | C] () -- C:\Users\yourfragged\Unigine_Heaven_Benchmark_4.0_20131119_0620.html
[2013.11.19 07:11:22 | 001,065,984 | ---- | C] () -- C:\Users\yourfragged\AppData\Local\file__0.localstorage
[2013.11.18 22:52:30 | 000,037,376 | ---- | C] () -- C:\Windows\SysWow64\uplay_r1_loader.dll
[2013.10.06 03:42:40 | 006,307,840 | ---- | C] () -- C:\Windows\SysWow64\engine_x86_rwdi.dll
[2013.05.30 20:06:13 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.05.27 12:49:18 | 000,045,270 | ---- | C] () -- C:\Users\yourfragged\AppData\Roaming\room_v3.dat
[2013.04.17 17:00:57 | 001,557,940 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.28 21:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.07.16 19:24:15 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.07.16 19:24:15 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.04.07 23:54:13 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Babylon
[2013.04.09 22:08:54 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\BSplayer
[2013.04.07 23:46:45 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\BSplayer Pro
[2014.07.16 19:11:24 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\DAEMON Tools Lite
[2013.09.27 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\fltk.org
[2014.03.14 18:36:22 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Foxit Software
[2013.08.05 19:11:49 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\GarenaPlus
[2013.11.22 06:12:27 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Injustice
[2013.12.30 19:22:41 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\IObit
[2013.04.07 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\LolClient
[2014.07.17 14:47:58 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\ProductData
[2014.07.17 16:56:23 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Spyware Terminator
[2013.09.14 09:46:49 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\The Creative Assembly
[2013.09.30 02:03:29 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Theta
[2013.07.09 21:09:46 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Thinstall
[2013.07.07 13:01:35 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Tomabo
[2013.12.29 15:43:15 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\TS3Client
[2014.07.16 19:07:31 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.04.07 18:12:09 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.10.06 03:39:00 | 000,000,282 | ---- | C] () -- C:\Windows\Tasks\RDReminder.job
[2013.10.12 08:55:34 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec718c94750c.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2014.07.16 19:13:23 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2014.07.16 19:13:23 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2014.07.16 19:13:23 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2014.07.16 19:13:22 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2014.07.16 19:13:23 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2014.07.16 19:13:23 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.07.16 19:25:59 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.07.16 19:25:59 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2013.11.19 21:47:53 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.11.19 22:59:36 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.07.16 19:25:59 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.11.19 22:59:36 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.11.19 22:41:29 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.11.19 21:47:53 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.11.19 22:41:29 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.07.16 19:22:39 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.07.16 19:22:39 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014.07.16 19:22:39 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[23 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.04.07 16:49:36 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Adobe
[2014.07.17 14:47:55 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\AdobeChk
[2013.11.19 21:14:13 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Apple Computer
[2013.04.07 23:54:13 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Babylon
[2013.04.09 22:08:54 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\BSplayer
[2013.04.07 23:46:45 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\BSplayer Pro
[2014.07.16 19:11:24 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\DAEMON Tools Lite
[2013.09.27 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\fltk.org
[2014.03.14 18:36:22 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Foxit Software
[2013.08.05 19:11:49 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\GarenaPlus
[2013.04.07 17:52:36 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Identities
[2013.11.22 06:12:27 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Injustice
[2013.12.30 19:22:41 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\IObit
[2013.04.07 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\LolClient
[2013.04.07 16:49:37 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Macromedia
[2013.07.21 05:01:24 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Malwarebytes
[2011.04.12 10:45:27 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Media Center Programs
[2013.07.07 13:24:51 | 000,000,000 | --SD | M] -- C:\Users\yourfragged\AppData\Roaming\Microsoft
[2014.01.04 06:00:53 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\NVIDIA
[2014.07.17 14:47:58 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\ProductData
[2013.09.25 21:12:34 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Skype
[2014.07.17 16:56:23 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Spyware Terminator
[2013.09.14 09:46:49 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\The Creative Assembly
[2013.09.30 02:03:29 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Theta
[2013.07.09 21:09:46 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Thinstall
[2013.07.07 13:01:35 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Tomabo
[2013.12.29 15:43:15 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\TS3Client
[2014.07.16 19:07:31 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\uTorrent
[2013.04.09 03:49:17 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.07.16 19:05:39 | 000,588,608 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
[2014.07.16 19:05:39 | 000,629,568 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014.02.28 14:25:32 | 002,130,720 | ---- | M] (IObit) -- C:\Users\yourfragged\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.10.12 08:55:34 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cec718c94750c.job
[2013.08.31 01:35:02 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.11.18 22:52:17 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\RDReminder.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.07.16 19:22:39 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adprovider.dll
[2014.07.16 19:22:39 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\capiprovider.dll
[2014.07.16 19:22:39 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngprovider.dll
[2014.07.16 19:35:29 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\credssp.dll
[2014.07.16 19:13:49 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cscript.exe
[2014.07.16 19:22:39 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dimsroam.dll
[2014.07.16 19:22:39 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpapiprovider.dll
[2014.07.16 19:33:12 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2014.07.16 19:33:12 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2014.07.16 19:12:45 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\esent.dll
[2014.07.16 19:13:23 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\explorer.exe
[2014.07.16 19:12:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fsutil.exe
[2014.07.16 19:33:12 | 010,992,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2014.07.16 19:33:12 | 002,078,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2014.07.16 19:33:12 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2014.07.16 19:33:12 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieUnatt.exe
[2014.07.16 19:13:32 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll
[2014.07.16 19:33:12 | 001,466,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcpl.cpl
[2014.07.16 19:20:50 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\instnm.exe
[2014.07.16 19:21:13 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iologmsg.dll
[2014.07.16 19:33:12 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2014.07.16 19:35:29 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kerberos.dll
[2014.07.16 19:20:50 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll
[2014.07.16 19:22:38 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KernelBase.dll
[2014.07.16 19:15:43 | 000,420,008 | ---- | M] () -- C:\Windows\system32\locale.nls
[2014.07.16 19:15:26 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdrm.dll
[2014.07.16 19:33:12 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2014.07.16 19:33:12 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2014.07.16 19:33:12 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedssync.exe
[2014.07.16 19:33:12 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshta.exe
[2014.07.16 19:33:12 | 006,043,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2014.07.16 19:33:12 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.tlb
[2014.07.16 19:33:12 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2014.07.16 19:14:41 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msieftp.dll
[2014.07.16 19:35:29 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msv1_0.dll
[2014.07.16 19:26:39 | 001,237,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3r.dll
[2014.07.16 19:26:39 | 001,389,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll
[2014.07.16 19:26:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6r.dll
[2014.07.16 19:35:29 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll
[2014.07.16 19:22:39 | 003,969,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntkrnlpa.exe
[2014.07.16 19:22:39 | 003,914,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntoskrnl.exe
[2014.07.16 19:20:50 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntvdm64.dll
[2014.07.16 19:22:38 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\objsel.dll
[2014.07.16 19:31:54 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\osk.exe
[2014.07.16 19:16:45 | 001,557,940 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2014.07.16 19:31:06 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qedit.dll
[2014.07.16 19:15:26 | 000,572,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RMActivate.exe
[2014.07.16 19:15:25 | 000,594,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RMActivate_isv.exe
[2014.07.16 19:15:26 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RMActivate_ssp.exe
[2014.07.16 19:15:25 | 000,508,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RMActivate_ssp_isv.exe
[2014.07.16 19:35:29 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll
[2014.07.16 19:13:49 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scrrun.dll
[2014.07.16 19:15:26 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc.dll
[2014.07.16 19:15:25 | 000,423,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_isv.dll
[2014.07.16 19:15:26 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_ssp.dll
[2014.07.16 19:15:25 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_ssp_isv.dll
[2014.07.16 19:29:18 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll
[2014.07.16 19:20:50 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\setup16.exe
[2014.07.16 19:24:15 | 012,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll
[2014.07.16 19:29:18 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll
[2014.07.16 19:35:29 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TSpkg.dll
[2014.07.16 19:14:07 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll
[2014.07.16 19:33:12 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2014.07.16 19:33:12 | 001,234,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2014.07.16 19:20:50 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\user.exe
[2014.07.16 19:27:49 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usp10.dll
[2014.07.16 19:17:14 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2014.07.16 19:35:29 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wdigest.dll
[2014.07.16 19:20:32 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wer.dll
[2014.07.16 19:22:39 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wincredprovider.dll
[2014.07.16 19:33:12 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[2014.07.16 19:14:27 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmp.dll
[2014.07.16 19:14:27 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmploc.DLL
[2014.07.16 19:20:50 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wow32.dll
[2014.07.16 19:13:49 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wscript.exe
[2014.07.16 19:13:49 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshom.ocx
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.07.16 19:33:12 | 000,677,024 | ---- | M] (Microsoft Corporation) MD5=268D3578E0A0900E4F612419561DAE09 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2014.06.05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) MD5=A5FCD42334CCC682DA1882A54338686C -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.07.19 17:26:23 | 000,000,512 | ---- | M] () MD5=D4C4BF1265F182190686399BB2A38D92 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.11.16 20:19:55 | 016,372,576 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay_Cracked.exe
[2013.12.02 21:53:50 | 000,001,368 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\3DMGAME-Assassins.Creed.IV.Black.Flag.All.Unlock.Crack.v10-3DM.torrent
[2013.11.18 23:09:34 | 000,012,724 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\AC 4 Super Crack v7.rar.torrent
[2013.11.26 09:24:09 | 000,012,117 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\AC.IV.BF.CRACKONLY.RELOADED.torrent
[2013.09.30 02:02:02 | 000,001,271 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassin's Creed 3 Assassins Creed III - CRACK WITHOUT UPLAY - Works With All Versions - PHTX.torrent
[2013.11.19 03:52:12 | 000,014,091 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassin's Creed IV Black Flag Gold Edition-SKIDROW- UPDATE + CRACK HOTFIX V6.torrent
[2013.11.18 22:47:34 | 000,013,178 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassin's.Creed.IV.Black.Flag.Update.And.Crack.Fix.V6.rar.torrent
[2013.11.19 01:07:34 | 000,013,703 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassins Creed IV Crack Fix V4 -TESTED- TTG.torrent
[2013.10.06 03:31:06 | 000,000,733 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Dead Island Riptide Crack Only-RELOADED.rar.torrent
[2013.10.06 03:29:00 | 000,000,905 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Dead Island Riptide Crack Only-RELOADED.torrent
[2013.07.16 20:24:22 | 000,011,763 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Deadpool.PROPER.Crack.Only.English-SKIDROW.zip.torrent
[2013.09.26 13:10:03 | 000,045,915 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\FIFA.14-ULTIMIATE.EDITION-SKIDROWCRACK.torrent
[2013.08.31 02:52:34 | 000,002,943 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Gta Episodes From Liberty City Pc Crack Razor 1911_ZaaDi.torrent
[2013.04.09 06:56:32 | 000,011,736 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Hitman.Absolution.CRACK.ONLY-SKIDROW.torrent
[2013.05.30 15:19:56 | 000,023,131 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Max.Payne.3.CRACK.ONLY-RELOADED.1.torrent
[2013.05.30 13:38:24 | 000,023,131 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Max.Payne.3.CRACK.ONLY-RELOADED.torrent
[2013.05.30 14:39:30 | 000,019,354 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Max.Payne.3.Special.Edition.CRACK.ONLY.Fixed-REVOLT.torrent
[2013.07.04 00:02:48 | 000,015,684 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\The Walking Dead 400 Days [English][PCDVD][FULL UNLOCKED][CRACK][P2P][WwW.GamesTorrents.CoM].torrent
[2013.04.08 02:14:47 | 000,001,102 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Tomb.Raider.CRACK.ONLY-SKIDROW.torrent

< *keygen* /s >

< *loader* /s >
[2013.01.01 00:00:00 | 000,064,280 | ---- | M] () -- \Game\Remember Me\Binaries\Win32\PhysXLoader.dll
[2013.02.21 15:12:44 | 000,000,404 | ---- | M] () -- \Game\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.100\deploy\assets\storeImages\layout\small_loader.gif
[2011.11.09 16:28:52 | 000,022,574 | ---- | M] () -- \Game\The Witcher 2 Enhanced Edition\CookedPC\globals\gui\loadingscreens\loader.swf
[2008.05.27 10:43:24 | 000,001,666 | ---- | M] () -- \Game\The Witcher Enhanced Edition\System\Scripts\CSkinLoader.luc
[2013.09.11 20:06:44 | 002,243,392 | ---- | M] () -- \Program Files (x86)\IObit\Smart Defrag 2\ActionCenterDownloader.exe
[2014.07.17 22:29:43 | 001,451,328 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kasperskylab.kis.ui.loader.dll
[2013.05.14 10:59:38 | 000,221,376 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kas_loader.dll
[2014.07.17 22:29:55 | 000,340,672 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\prloader.dll
[2014.07.17 22:29:57 | 000,203,456 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\remote_eka_prague_loader.dll
[1 \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\*.tmp files -> \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\*.tmp -> ]
[2013.06.17 11:55:30 | 000,001,557 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\common\loader_16.gif
[2013.06.17 11:55:30 | 000,000,419 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\common\loader_16.png
[2013.06.17 11:55:30 | 000,006,377 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\common\loader_32.gif
[2013.06.17 11:55:30 | 000,001,276 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\common\loader_32.png
[2013.06.17 11:55:30 | 000,009,568 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\common\loader_48.gif
[2013.06.17 11:55:30 | 000,001,805 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\common\loader_48.png
[2013.06.17 11:55:30 | 000,020,462 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\common\loader_96.gif
[2013.06.17 11:55:30 | 000,004,009 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\common\loader_96.png
[2013.06.17 11:55:30 | 000,002,793 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\btn_loader.png
[2013.06.17 11:55:30 | 000,001,459 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0001.png
[2013.06.17 11:55:30 | 000,001,423 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00010.png
[2013.06.17 11:55:30 | 000,001,453 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00011.png
[2013.06.17 11:55:30 | 000,001,464 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00012.png
[2013.06.17 11:55:30 | 000,001,487 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00013.png
[2013.06.17 11:55:30 | 000,001,480 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00014.png
[2013.06.17 11:55:30 | 000,001,455 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00015.png
[2013.06.17 11:55:30 | 000,001,408 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_00016.png
[2013.06.17 11:55:30 | 000,001,472 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0002.png
[2013.06.17 11:55:30 | 000,001,480 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0003.png
[2013.06.17 11:55:30 | 000,001,471 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0004.png
[2013.06.17 11:55:30 | 000,001,439 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0005.png
[2013.06.17 11:55:30 | 000,001,413 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0006.png
[2013.06.17 11:55:30 | 000,001,367 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0007.png
[2013.06.17 11:55:30 | 000,001,274 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0008.png
[2013.06.17 11:55:30 | 000,001,390 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\images\scale-100\scan\loader\loader_0009.png
[2013.06.17 11:55:32 | 000,006,957 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\skin\resources\neutral\templates\images\safe_banking\preloader.gif
[2014.07.17 22:30:56 | 000,473,792 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\prloader.dll
[2014.07.17 22:30:58 | 000,249,024 | ---- | M] () -- \Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\remote_eka_prague_loader.dll
[2012.11.29 09:57:48 | 000,059,904 | ---- | M] () -- \Program Files (x86)\MSI Kombustor 2.5\KLoaderWin32.exe
[2011.07.06 11:55:18 | 000,064,352 | ---- | M] () -- \Program Files (x86)\MSI Kombustor 2.5\PhysXLoader.dll
[2012.11.19 01:06:50 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.11.19 01:06:52 | 000,293,376 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2014.07.19 11:00:25 | 000,075,740 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2014.07.19 11:00:25 | 000,075,740 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2014.06.26 09:46:50 | 000,009,418 | ---- | M] () -- \Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.7_0\img\gifloader.gif
[2014.04.26 18:28:53 | 000,000,763 | ---- | M] () -- \Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.5_0\scripts\loader_1036.js
[2014.07.18 14:44:32 | 000,005,505 | ---- | M] () -- \Users\yourfragged\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6AFIKN74\queryLoader[1].js
[2014.07.18 14:44:32 | 000,000,353 | ---- | M] () -- \Users\yourfragged\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OWW80LNG\queryLoader[1].css
[2014.07.19 12:01:10 | 000,170,464 | ---- | M] () -- \Users\yourfragged\AppData\Local\Temp\6466821\prloader.dll
[1 \Users\yourfragged\AppData\Local\Temp\6466821\*.tmp files -> \Users\yourfragged\AppData\Local\Temp\6466821\*.tmp -> ]
[2013.11.19 22:57:46 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.11.18 22:52:31 | 000,037,376 | ---- | M] () -- \Windows\System32\uplay_r1_loader.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2013.11.19 22:57:46 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013.11.18 22:52:31 | 000,037,376 | ---- | M] () -- \Windows\SysWOW64\uplay_r1_loader.dll
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:04:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:57:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:04:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:57:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 23:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.16 19:20:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.16 19:22:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 10:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 10:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 10:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 10:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 10:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.11.19 21:29:49 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.11.19 21:29:49 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.11.19 21:29:49 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.11.19 21:29:49 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.11.19 21:29:49 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2013.11.19 21:29:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.11.19 21:29:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:04:47 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:57:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:04:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:57:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 23:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.16 19:20:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.16 19:22:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

OTL Extras logfile created on: 19.7.2014 17:22:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\yourfragged\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,51 Gb Available Physical Memory | 25,34% Memory free
4,00 Gb Paging File | 1,83 Gb Available in Paging File | 45,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 231,64 Gb Free Space | 49,74% Space Free | Partition Type: NTFS

Computer Name: HERATIX | User Name: yourfragged | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-418075006-3756309836-2948794368-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A125E27-40B0-47D2-9C83-7C4BC9F74A13}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1B224E40-5F1F-4253-81FC-086AC1AE52DA}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4734701D-9DEC-4C77-B75D-9C228494E06A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5AE4BE92-5638-4AFF-BEEB-221918FF8A64}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{66B82A2C-CFE2-43BC-A619-CA1906204CDB}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{66F038F9-761B-4B39-B7B9-7A3F13146E55}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{7BCCA622-90BC-4D31-B6EB-A24215960964}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7D54E0B6-2E14-4CAE-AFA0-777EB9BAD7A6}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8C157F6D-C065-47CB-B0EA-D354B735A5B7}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{94C213CF-621A-4D70-8B47-31292E184960}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B0F50B4E-0676-439B-9EF0-8C2218905871}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B47E6C98-E3B5-4D64-9A45-596D03E214C1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B820A971-45D8-4CFF-8585-2A180C9094ED}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{B9F81673-D51F-4821-B8F0-E17523AB896C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{C9A9C0BF-75E0-4FAF-BF00-15AB46B1EE88}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{D49B25BB-BAD1-4201-9B6D-76F990C04D7E}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{DF55798E-6A6E-483F-AD0A-E1E6E5F071A3}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E100B566-DE27-4972-8885-3C2E9138698C}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E524E536-DAE7-436C-92E0-9CDC7997F6C8}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E5985303-EFFE-4864-A1A3-A5B46FDB5F44}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F5DB1080-B942-45DE-9296-0C71881CF76A}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F9F4E1A1-F47E-41C7-9182-D3D9C1396C9C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{217395D6-381D-454E-B6BD-1AC62DC6FF62}" = protocol=17 | dir=in | app=c:\progamy\steam\steam.exe |
"{259220C8-276C-41D2-A892-B4A4592C5A77}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5E270904-52D0-49A6-9AB3-EB1FDBEF1B1B}" = protocol=6 | dir=in | app=c:\progamy\steam\steam.exe |
"{745690CA-3B64-4A42-9E86-7D61D1A90F4C}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{7843AFA1-B529-4975-B829-50D19C3E3A5F}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{AF18C874-5FD2-4AEA-B919-188C5CA4AF2E}" = protocol=17 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"{B7C675D4-C9EE-4CA7-A63F-848CA5551504}" = protocol=6 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"{DB95390B-BD2D-4E3C-91D9-28731B721539}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"TCP Query User{CED16E7B-377F-41BC-AD7D-599CB0B3FAC9}C:\programy\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"UDP Query User{563018BC-F92D-4C7C-B312-5C084C549DF8}C:\programy\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\programy\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 14.6.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"CCleaner" = CCleaner
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 2.5.0
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{60101460-B0B7-4B50-9600-81CF9CAE33A8}_is1" = SFK Standalone 13.4
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Anti-Virus
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-ALWAN-7B42A5D4E0EB}_is1" = Alan Wakes American Nightmare version 1.02
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AE7D5AF6-E561-4711-BC5A-E2CE7AFD8CA7}_is1" = Silent Hill Homecoming
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"Afterburner" = MSI Afterburner 2.3.1
"Alan Wake American Nightmare_is1" = Alan Wake American Nightmare
"BioShock Infinite_is1" = BioShock Infinite
"BSPlayerf" = BS.Player FREE
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deadpool_is1" = Deadpool
"Google Chrome" = Google Chrome
"Hitman Absolution_is1" = Hitman Absolution
"InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Anti-Virus
"Pro Evolution Soccer 2013_is1" = «Pro Evolution Soccer 2013» 1.4.0.0
"Remember Me_is1" = Remember Me
"Rockstar Games Social Club" = Rockstar Games Social Club
"Smart Defrag 2_is1" = Smart Defrag 2
"The Witcher 2 - Assassins of Kings Enhanced Edition_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"The Wolf Among Us Episode 2_is1" = The Wolf Among Us Episode 2
"Uplay" = Uplay
"uTorrent" = µTorrent
"VGhlV29sZkFtb25nVXM=_is1" = The Wolf Among Us
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.
OTL encountered an error while reading this event log. It may be corrupt.

< End of report >

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

Budu uprimnej, myslim ze nemam, instaloval mi to tam znamy, snad z toho nebudu mit nejakej problem

U nas problem nebude, my Vam akorat nepomuzem - jelikoz se nelegalnimi systemy nezabyvame

Problem muzete mit pouze az pak s obchodni inspekci a Policii CR

To mate dobreho znameho, kdyz Vam tam nainstaluje nelegalni system a vedomne Vas tak vystavi riziku trestniho stihani...

Vypada to, ze mam peknej pech a k tomu jsem jeste vydan na milost tomu viru z exekucniho emailu

Bohuzel pravidla fora a charta mezinarodni aliance hovori jasne...

Ale prozente si PC MBAMem http://forum.viry.cz/viewtopic.php?f=29&t=137928

Vice poradit zde nemohu...

VIRY.CZ

vir z prilohy z exekucniho emailu

vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu

Re: vir z prilohy z exekucniho emailu